Wireshark_DNS_v7.0.pdf
2.21MB


1.    Run nslookup to obtain the IP address of a Web server in Asia. What is the IP address of that server?

>> 서버의 IP address211.231.99.80 / 203.133.167.16 .

 

2.    Run nslookup to determine the authoritative DNS servers for a university in Europe.

: 옥스포드(Oxford) 대학 http://www.ox.ac.uk/ 으로 결정.

>> The authoritative DNS server for Oxford is raptor.dns.ox.ac.uk.

 

3.    Run nslookup so that one of the DNS servers obtained in Question 2 is queried for the mail servers for Yahoo! mail.   What is its IP address?

>> IP address : 119.161.14.17

 

4.    Locate the DNS query and response messages. Are then sent over UDP or TCP?

>> query & response UDP를 통해 전송됨.

 

5.    What is the destination port for the DNS query message? What is the source port of DNS response message?

>> destination port : 53 / source port : 50919

 

6.    To what IP address is the DNS query message sent? Use ipconfig to determine the IP address of your local DNS server. Are these two IP addresses the same?

>> 210.220.163.82로 둘이 동일함.

 

7.    Examine the DNS query message. What “Type” of DNS query is it? Does the query message contain any “answers”?

>> type A query. It did not contain any “answers”.

 

8.    Examine the DNS response message. How many “answers” are provided? What do each of these answers contain?

>>  DNS response message 3개의 answers를 제공. Answers엔 조회된 웹사이트 주소 및 타입, class, TTL, data lengthIP address가 포함되어 있음.

 

9.    Consider the subsequent TCP SYN packet sent by your host. Does the destination  IP address of the SYN packet correspond to any of the IP addresses provided in the DNS response message?

>> SYN 패킷의 대상 IP주소는 DNS response 104.20.0.85 / 104.20.1.85 에 의해 제공된 주소에 해당됨.

 

10.    This web page contains images. Before retrieving each image, does your host issue new DNS queries?

>> (이유를 모르겠지만 실행할 때마다 매번 조금씩 달라지는데) 맞다. 호스트는 각각의 이미지에 대해 new DNS queries를 발행함.

 

11.    What is the destination port for the DNS query message? What is the source port of DNS response message?

>> The destination port for the DNS query message is port 53. / The source port of DNS response message is port 53.

 

12.    To what IP address is the DNS query message sent? Is this the IP address of your default local DNS server?

>> DNS 쿼리 메시지는 IP 210.220.163.82로 전송됨. 이는 나의 local DNS server IP주소와 동일함.

 

13.    Examine the DNS query message. What “Type” of DNS query is it? Does the query message contain any “answers”?

>> type : A. This query contains no answers.

 

14.    Examine the DNS response message. How many “answers” are provided? What do each of these answers contain?

15.    Provide a screenshot. (14&15)

>> 첫 번째 DNS response 메시지에는 하나의 대답이 포함되어 있음. responsehttp://www.mit.edu로 라우팅되는 다음 DNS server를 포함함.

 

16.    To what IP address is the DNS query message sent? Is this the IP address of your default local DNS server?

>> DNS query message와 내 local DNS server192.168.43.1로 동일하다.

(참고 : 장소를 옮겨서 다른 와이파이를 연결하는 바람에, 위의 DNS 서버의 IP 주소와는 달라진 거 같다.)

 

17.    Examine the DNS query message. What “Type” of DNS query is it? Does the query message contain any “answers”?

>> DNS query type2: PTR, NS. These queries contains no answers.

 

18.    Examine the DNS response message. What MIT nameservers does the response message provide? Does this response message also provide the IP addresses of the MIT namesers?

>> MIT nameserverswww.mit.edu www.mit.edgekey.net을 제공함. / response messageIP addresses가 포함되어 있지 않음.

 

19.    Provide a screenshot.

 

20.    To what IP address is the DNS query message sent? Is this the IP address of your default local DNS server? If not, what does the IP address correspond to?

>> DNS query message와 내 local DNS server192.168.43.1로 동일함.

 

21.    Examine the DNS query message. What “Type” of DNS query is it? Does the query message contain any “answers”?

>> DNS query messagedomain name pointer이고, typePTR이며 answers는 포함하고 있지 않음.

 

22.    Examine the DNS response message. How many “answers” are provided? What does each of these answers contain?

>> No response messages.

 

23.    Provide a screenshot.

반응형